false error message
For the past 2 weeks I have been suffering from a false error message that prevents me from sending emails and replying to emails, but only with certain email accounts. The error message is as follows: "An error occurred while sending mail. The mail server responded: 5.7.1 Message contains spam or virus or sender is blocked : women53_779b8c539435f. Please check the message and try again." I have worked with UK2 the email service provider and they can find nothing wrong, working from their webmail everything is indeed okay. I have done a clean install and the problem disappeared for 10 emails and then returned. There is no virus, no spam and I'm not blocked, so what is going on? Please help someone, I've run out of ideas. Thanks, David.
All Replies (6)
Lets start at the beginning. The server has been programmed to identify certain things as spam. Your email meets that standard. So as far as your provider is concerned you are sending spam. If that is wrong you need to talk to them.
I have recently seen a spike in folk that get this sort of message on their own web servers because the hosting company is identifying the links in their signature as SPAM.
The other thing you been to be aware of is sending from a web mail interface does not use any of the same protocols or servers that sending from a mail client does. For a start these so called spam filters are never used on the stuff that comes from the web servers, one reason is that it would be to slow to send spam through the normal clunky web interface, the other is it would be more difficult to maintain the web sending interface with them.
Check your domain and local IP address against a couple of the blacklists. they may be applying the acceptance blacklist to the submission process.
Thanks for your reply Matt, unfortunately I don't think it helps a lot. I have been working with UK2 for the past few weeks and this is their latest response: "So it looks like what is happening is that Thunderbird or possibly your local anti-virus is being a bit over zealous and over protective. Which looks like your using Avast from some of the signature of previous reply's to the ticket. Good antivirus by the way! But still can cause false positives or get things wrong. Same with Thunderbird.
Either of the two could be seeing something that it doesn't like when you try to send. As to what exactly, I'm not sure. You may need to dig deeper with Thunderbird support and Avast logs on your machine to acquire more details. I'm Wondering if it's possible to whitelist our email address for the ticket support system as well as other email address with both/or Thunderbird and avast.
It probably wouldn't hurt to check out with google to see if others in the world have been seeing that same error message with Avast or Thunderbird. Likely there will be a solid solution found and applied by the community that will be located where others are talking about same problem.
Avast or Thunderbird may not like words in some of the messages your sending out. It could be a link In a message, the signature, or files your trying to attache to in messages. There is the possibility that avast or Thunderbird is being over protective and blocking something that is not a danger at all. You will likely need to consult support or documentation for both to see if you can confirm if it's a false positive block and how to correct that.
Something I want to strongly emphasize: There is no doubt with the new info at this time that the issue is caused by the server. The cause is with Thunderbird or Avast."
I cannot even send a completely blank email, so it doesn't appear to be content related and I have attached the result of a blacklist search and the domain is not listed. Checking on Google only showed someone else with the same problem also hosted by UK2.
I have been using Thunderbird, Avast and UK2 for the past 6 years without any problems, until earlier this year.
If you have any additional input I would be grateful. Thanks you.
So you have already been told avast is probably the cause, if it is sticking those stupid scanned by messages into your email, alluded to by your providers comments, I am almost certain of it. Here are some of the issues we have documented avast as causing https://wiki.mozilla.org/Thunderbird:Testing:Antivirus_Related_Performance_Issues#AVAST
Your emails are being modified after you click send and before they get to the server. If you were doing the right thing as a business and digitally signing your mail, thus guaranteeing that your recipient got what you sent, all of your mail would be rejected as having been hacked in transit. Normally the only cause of that would be a virus, but AV companies (at least some of them) thing this is Ok. It is not. It is hacking. Nor should they be adding headers to the outgoing mail. they are neither a mail client or an SMTP server.
If Thunderbird is reporting the error as from the server, and you provider tells you their server is not producing that error then I have no doubt Avast strikes again. Turn off any anti virus scanning of outgoing mail. If you have an anti virus add-on for any reason in Thunderbird disable it immediately. This includes anti phishing, anti scam and anti malware. The addons are all useless rubbish that either slow Thunderbird to a crawl or fail completely on the next 6 weekly security update because of their inherent binary nature. Then we get another support request.
Link to one provider of digital email certificates. https://www.comodo.com/home/email-security/free-email-certificate.php
Hello Matt,
Thanks for this detailed explanation, I will certainly look at changing the Avast settings, but there is one outstanding question, if it is Avast that is causing the problem, why doesn't it affect all of my email accounts, only those that are related to a particular domain and hosted with UK2? Cheers, David.
I have no real idea, as I am not privy to the outgoing server setting for any of the others, all I have in conjecture.
Avast if I recall correctly ask you to add them the the certificate store as a Certifying Authority. <rant on> This I have issues with as real certifying authorities have to undergo audits of their stuff. Avast does none of this an fails to pay the hefty costs associated with this.
Why, so they can undertake a mad in the middle hack on your email and web content, ostensibly to check for malware. In reality it create yet another hole in your security. A subpoena to avast would have more effect on accessing your data that one to your ISP, avast has access to everything in the clear, your ISP does not. I feel that is a sad state of affairs, created simply because people trust anti virus vendors. <end rant>
The reality is that the use of fake certificates and fake certifying authorities may well be tripping up somewhere. Perhaps the provider is strict on something other are not. But more likely something in avast is simply corrupt. That error message with it's cryptic women53_779b8c539435f sounds like the name some sort of anti spam rule such as one would expect in an anti spam solution be it avast or even others such as spamassasin.
Perhaps in that account you always sign off as a name that contains some sort of female oriented denigration or description something as innocent as having the surname Cockburn. And yes my friend has had trouble with idiot anti spam and more often parental controls simply because he carries his fathers name.
My email service provider has finally discovered that the latest dynamic IP address allocated to me has been blocked. I have complained to my ISP and rebooted my router to resolve the issue.
Unfortunately I have another issue now,I changed an IMAP email account to a POP account and now I cannot download anything from the email server, instead I get the follow message: "The account david.oriley@tellus.ae is being processed. Please wait until processing is complete to get messages." but it does nothing. I have checked the server settings and even deleted the account and recreated it a second time but to no avail, sending is fine?